OTL logfile created on: 27/11/2011 12:52:26 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Neha\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.94 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 57.63% Memory free
6.07 Gb Paging File | 4.83 Gb Available in Paging File | 79.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 52.37 Gb Free Space | 37.68% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.92 Gb Free Space | 49.19% Space Free | Partition Type: NTFS
Computer Name: NEHA-PC | User Name: Neha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/11/27 12:50:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Neha\Desktop\OTL.exe
PRC - [2011/11/07 21:28:26 | 001,652,536 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/09/06 15:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/01/13 06:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 06:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\shellmon.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1200518764\ee\aolsoftware.exe
PRC - [2009/09/03 09:50:06 | 003,327,488 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files\TurboHddUsb\TurboHddUsb.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 01:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/07 21:30:22 | 000,516,368 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2011/10/30 20:57:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/13 06:20:01 | 000,048,640 | ---- | M] () -- C:\Program Files\AOL Desktop 9.6\zlib.dll
========== Win32 Services (SafeList) ==========
SRV - [2011/11/07 21:28:26 | 000,931,640 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/09/06 15:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/04/01 10:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 10:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 06:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
========== Driver Services (SafeList) ==========
DRV - [2011/11/07 21:30:22 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso.sys -- (RapportIaso)
DRV - [2011/11/07 21:30:20 | 000,227,312 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_32301.sys -- (RapportCerberus_32301)
DRV - [2011/11/07 21:28:40 | 000,071,440 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/11/07 21:28:38 | 000,164,112 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/09/14 08:58:10 | 000,225,592 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2011/09/06 15:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/09/06 15:37:53 | 000,320,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/09/06 15:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/09/06 15:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/09/06 15:36:26 | 000,054,616 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/09/06 15:36:12 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/02/04 10:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/09/03 09:50:10 | 000,007,040 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2009/09/03 09:50:06 | 000,017,792 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH)
DRV - [2009/07/14 17:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/01/19 01:14:59 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/10/29 04:40:28 | 001,062,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/04/19 13:13:00 | 000,131,368 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvrd32.sys -- (nvrd32)
DRV - [2007/03/17 10:41:50 | 000,101,160 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/01 18:50:00 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2005/06/24 16:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 09:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 09:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/02/23 13:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ca.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "http://plasmoo.com/i...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ca"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.8.0.8
FF - prefs.js..extensions.enabledItems: [email protected]:2.8.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}:7.0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Neha\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/16 20:33:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/16 20:33:00 | 000,000,000 | ---D | M]
[2008/06/19 18:42:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neha\AppData\Roaming\Mozilla\Extensions
[2011/11/10 14:57:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions
[2011/11/10 14:57:17 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/11/07 14:40:05 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/10/14 10:27:13 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/09/08 06:36:59 | 000,000,000 | ---D | M] (LiveClick) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\{d166ee2a-36bb-4f33-aff7-e85f912df509}
[2011/09/22 10:48:21 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\[email protected]
[2009/09/05 04:24:50 | 000,002,255 | ---- | M] () -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\searchplugins\askcom.xml
[2009/03/13 17:47:14 | 000,001,632 | ---- | M] () -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\searchplugins\live-search.xml
[2011/04/28 18:42:58 | 000,001,975 | ---- | M] () -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\searchplugins\plasmoo.xml
[2011/11/14 13:07:30 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/14 13:07:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}
[2011/11/05 01:53:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/10/06 20:18:35 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/11/14 13:07:06 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/10/06 20:18:37 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/11/04 22:21:03 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/04 22:21:03 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Neha\AppData\Local\Google\Chrome\Application\14.0.835.202\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Users\Neha\AppData\Local\Google\Chrome\Application\14.0.835.202\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Neha\AppData\Local\Google\Chrome\Application\14.0.835.202\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Neha\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Neha\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AdBlock = C:\Users\Neha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.4.23_0\
CHR - Extension: Browser Button for AdBlock = C:\Users\Neha\AppData\Local\Google\Chrome\User Data\Default\Extensions\picdndbpdnapajibahnnogkjofaeooof\0.0.13_0\
O1 HOSTS File: ([2011/05/26 15:34:29 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [TurboHddUsb] C:\Program Files\TurboHddUsb\TurboHddUsb.exe (FNet Co., Ltd.)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Neha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.188.146.145
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A83CB25-9719-4FAF-9CFB-04D587A3997E}: DhcpNameServer = 205.188.146.145
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{06168e27-cc8d-11dc-b404-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{06168e27-cc8d-11dc-b404-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/27 12:50:33 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Neha\Desktop\OTL.exe
[2011/11/25 11:34:44 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{BECD0A3B-9CCA-4F26-A52F-E1C137685911}
[2011/11/25 11:34:36 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{2EC36F31-7E35-4D9A-9628-5926369E3521}
[2011/11/24 11:33:24 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{C81209D5-BD19-46F4-AD5D-B0256CB3E971}
[2011/11/24 11:33:18 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{FCE40A94-C62D-4C06-953B-B4E64F6B0D5C}
[2011/11/23 22:06:14 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{1374563D-9E84-4905-B02B-3C702B75532D}
[2011/11/23 22:06:07 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{3A19F2D5-C76E-408B-B890-82521470300E}
[2011/11/23 08:45:58 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{B9D48251-AFB8-446F-8632-2930E3E76D64}
[2011/11/23 08:45:54 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{BA7F4BCB-CD7D-4F1D-8EC6-F59B8ECF360A}
[2011/11/22 07:36:49 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{04A831D6-E60A-4DF1-B7F5-412F144BE45A}
[2011/11/22 07:36:39 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{B757EB50-6765-47B2-BFD9-B12CC10C8E8B}
[2011/11/21 07:00:31 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{0F84D4D1-FBFE-4D66-B76E-465D2169DB70}
[2011/11/21 07:00:21 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{F93A8672-4575-4ED0-9780-D961EA32A08A}
[2011/11/20 11:35:48 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{950EFA04-CA0E-4611-967D-13A353D97FE3}
[2011/11/20 11:35:42 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{639E055D-E97F-463E-89CB-4275F36C1BB0}
[2011/11/18 07:14:24 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{754D6E9E-C0DA-4024-A1FD-7FA48D490323}
[2011/11/18 07:14:20 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{3A3F9DD6-C9A2-49C5-B03B-92037C9624AF}
[2011/11/17 11:33:47 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{E2EDBA8D-02AA-4882-934E-0BACF82EC875}
[2011/11/17 11:33:43 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{D693BFF8-6A96-41EB-953D-0F47E59F73F3}
[2011/11/16 20:33:02 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2011/11/16 20:33:02 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2011/11/16 20:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[2011/11/16 20:32:58 | 000,000,000 | ---D | C] -- C:\Program Files\Coupons
[2011/11/16 20:32:41 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Roaming\HpUpdate
[2011/11/16 20:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2011/11/16 20:28:35 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2011/11/16 20:28:34 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2011/11/16 20:08:38 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\HP
[2011/11/16 11:36:49 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{EDDA101E-3461-4433-B172-9D9803FE4A64}
[2011/11/16 11:36:41 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{84C0BCC3-0409-4835-B10E-852A0CC98EAC}
[2011/11/15 11:36:14 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{C124CF2B-501E-49CA-A944-AF944F655528}
[2011/11/15 11:36:10 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{769209FA-7270-4C4C-8F3F-49A1C408BE31}
[2011/11/14 18:30:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/11/14 18:29:14 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/11/14 18:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/11/14 13:20:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/11/14 13:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011/11/14 11:30:06 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{A5D63B1D-48BF-4D7D-A482-77DA6CD2FDE8}
[2011/11/14 11:29:34 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{EDF928F5-C182-4EBE-A971-54525B1AF574}
[2011/11/13 22:08:43 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{C341E1CE-7CED-4355-A040-7C1CB3D1F691}
[2011/11/13 22:08:36 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{EF6D09D5-128E-4641-9BEE-D2D7BF4C46EA}
[2011/11/13 11:34:54 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{73493EBB-CFAC-40E3-AFF4-9685DB087B74}
[2011/11/12 20:58:32 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{14985E97-CD6E-487D-8571-B7B69CEB2FEB}
[2011/11/12 20:58:22 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{F257F842-BFFD-416F-8992-46C390B0BECE}
[2011/11/11 08:33:06 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{A26718C3-BE4E-4854-99CD-AEEA30AC458C}
[2011/11/11 08:32:59 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{19A20338-B4D7-43E8-8839-3DBBE9126F5B}
[2011/11/10 11:06:44 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{9DE469EC-945D-4BD4-831D-A4006518BC81}
[2011/11/10 11:06:37 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{BC6BA3D9-B326-44B0-994B-13E85F96E09F}
[2011/11/09 20:47:30 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{07EF7A41-FAE0-4D32-B048-470455E631E5}
[2011/11/09 20:47:28 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{D81914FB-7B6D-48CF-A75E-E5E6034D94C3}
[2011/11/09 08:47:03 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{43E0E672-55C5-4CF7-8815-BCAFD014470E}
[2011/11/09 08:47:00 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{3FAA06D3-07C9-4634-AE99-1621765D384A}
[2011/11/07 21:28:38 | 000,056,208 | ---- | C] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[2011/11/07 13:36:44 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\Trusteer
[2011/11/07 13:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Rapport
[2011/11/07 13:35:34 | 000,000,000 | ---D | C] -- C:\Program Files\Trusteer
[2011/11/07 13:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Trusteer
[2011/11/07 11:35:52 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{B7E5D967-E9CC-42BD-966B-F7C8194BF7A8}
[2011/11/07 11:34:41 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{0B809801-D880-429C-BACC-E3D843ACAC2B}
[2011/11/05 06:58:15 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{FE408156-78D8-40E1-8C30-F4B7BF4ECA95}
[2011/11/05 06:56:22 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{26D1BE06-5D81-4A4F-87E1-99BD3B49B8AB}
[2011/11/03 10:17:00 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{60BF999C-A1EB-4477-B7D5-E9567C843D4B}
[2011/11/03 10:15:11 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{96FA30EB-9C0E-4187-B4F4-C2E9C1DD096B}
[2011/11/02 20:59:29 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{7FEA9E6C-93AF-472D-AEC0-997F55C5C524}
[2011/11/02 20:59:00 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{6B863C29-9C54-440B-8007-E8C069FD1290}
[2011/11/02 07:50:20 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{340346EB-CE5A-47D2-B384-0369AEB937FC}
[2011/11/02 07:49:10 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{0B22FC1F-F302-48A5-9DC8-D3C1AE6DB908}
[2011/11/01 19:04:06 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Roaming\Yahoo!
[2011/11/01 10:14:32 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{EF1F2497-5C5A-49ED-898D-B5301026C016}
[2011/11/01 10:14:01 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{C6900884-EFC4-4340-B5C6-4E51627D1A23}
[2011/10/31 10:34:59 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{42FF808C-1F51-4F3A-9514-62C0FC3DF748}
[2011/10/31 10:33:40 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{44990589-CE35-402A-8C0D-5CC5A1AA6566}
[2011/10/30 11:34:25 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{582A8352-44F6-49F0-BE48-4DE8FB7DE77C}
[2011/10/30 11:34:23 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{8E9F0840-F2E5-4004-B510-B3726A42980F}
[2011/10/29 07:32:17 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{4F3D11A0-1F08-44AE-8FBF-94F0C223C33E}
[2011/10/29 07:31:14 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Local\{337B516C-1A9F-47A3-A830-2805E20E2609}
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/11/27 12:50:54 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Neha\Desktop\OTL.exe
[2011/11/27 12:46:28 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/27 12:46:27 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/27 12:45:56 | 000,430,744 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/27 12:45:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/27 12:45:31 | 3150,471,168 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/27 12:44:28 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/11/26 16:00:23 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/11/24 16:47:36 | 000,030,672 | ---- | M] () -- C:\Users\Neha\AppData\Roaming\wklnhst.dat
[2011/11/21 08:55:00 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011/11/16 20:11:54 | 000,000,057 | ---- | M] () -- C:\ProgramData\Ament.ini
[2011/11/14 21:09:52 | 000,611,664 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/14 21:09:52 | 000,109,112 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 18:30:40 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/11/14 13:22:50 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/11/14 12:56:29 | 000,001,704 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011/11/09 23:25:11 | 000,000,872 | ---- | M] () -- C:\Users\Neha\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/11/09 23:25:11 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/11/09 14:00:08 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/11/07 21:28:38 | 000,056,208 | ---- | M] (Trusteer Ltd.) -- C:\Windows\System32\drivers\RapportKELL.sys
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/11/16 20:11:54 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2011/11/14 18:30:40 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/11/09 23:25:10 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/05/20 11:25:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/01/17 11:14:06 | 000,000,680 | ---- | C] () -- C:\Users\Neha\AppData\Local\d3d9caps.dat
[2009/11/04 11:58:41 | 000,217,088 | ---- | C] () -- C:\Windows\System32\avformat-50.dll
[2009/11/04 11:58:41 | 000,018,432 | ---- | C] () -- C:\Windows\System32\avutil-49.dll
[2009/11/04 11:58:40 | 001,984,512 | ---- | C] () -- C:\Windows\System32\avcodec-51.dll
[2009/09/24 06:53:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 06:53:14 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/02 15:10:18 | 000,000,029 | ---- | C] () -- C:\Windows\atid.ini
[2009/03/17 18:31:57 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/09/17 09:25:51 | 000,000,137 | -H-- | C] () -- C:\Users\Neha\AppData\Roaming\lakerda1967.sys
[2008/09/17 09:25:29 | 000,010,568 | ---- | C] () -- C:\Users\Neha\AppData\Roaming\docXConverter (3).ini
[2008/08/12 09:44:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/04/05 19:30:02 | 000,017,499 | ---- | C] () -- C:\Windows\System32\MSSDTMGTX61.DLL
[2008/01/16 17:49:09 | 000,030,672 | ---- | C] () -- C:\Users\Neha\AppData\Roaming\wklnhst.dat
[2008/01/16 16:25:15 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/01/16 16:22:44 | 000,092,672 | ---- | C] () -- C:\Users\Neha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/11 14:08:43 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/03/19 06:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 06:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 06:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 06:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 06:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 06:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 06:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 06:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 06:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 06:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 06:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2006/11/10 17:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,430,744 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,611,664 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,109,112 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2004/03/08 17:40:12 | 000,210,944 | ---- | C] () -- C:\Windows\Msvcrt10.dll
[2004/03/08 17:40:12 | 000,057,344 | ---- | C] () -- C:\Windows\icmfilter.dll
========== LOP Check ==========
[2011/09/24 13:36:19 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\Costco Photo Viewer CA-EN
[2011/05/28 14:53:21 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/06/21 11:10:55 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\Facebook
[2009/03/20 13:56:49 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\gtk-2.0
[2009/03/20 15:56:38 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\Jasc
[2010/12/11 16:47:52 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\PCDr
[2011/05/15 20:47:18 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\QFX Software
[2008/11/11 13:09:03 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\Template
[2011/10/19 18:54:56 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\Windows Live Writer
[2011/11/21 08:55:00 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/11/09 14:00:08 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/11/27 12:44:35 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/11/26 16:00:23 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\School:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\Other:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\OneNote Notebooks:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\My Received Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\Goldie's Folder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Desktop\Goldie Pics:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\My Downloads List1.ISO:Roxio EMC Stream
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:3AEA6AF9
< End of report >
Extras Log
OTL Extras logfile created on: 27/11/2011 12:52:26 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Neha\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19154)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
2.94 Gb Total Physical Memory | 1.69 Gb Available Physical Memory | 57.63% Memory free
6.07 Gb Paging File | 4.83 Gb Available in Paging File | 79.57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 52.37 Gb Free Space | 37.68% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.92 Gb Free Space | 49.19% Space Free | Partition Type: NTFS
Computer Name: NEHA-PC | User Name: Neha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013968D4-ECBE-441D-915F-6B70BD9C1364}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{069746CE-D36E-4B61-A674-F2688ACC1B66}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{075F1FBE-9FAA-4DD4-96F7-BB2E90F9904C}" = rport=138 | protocol=17 | dir=out | app=system |
"{1B51E66A-0458-4934-8900-CEACC86DE2D2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CA63133-92B8-4486-A991-81BF1091EB48}" = rport=445 | protocol=6 | dir=out | app=system |
"{2ECC9A63-CBB6-4639-8607-50D432B655C8}" = lport=138 | protocol=17 | dir=in | app=system |
"{2F687070-DFB7-4093-B63D-BD9EC48991AB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{454134CC-B163-428D-B973-87B71C45CB47}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5AD63E72-829F-4498-9EE3-E1137668AC90}" = lport=139 | protocol=6 | dir=in | app=system |
"{678AA400-7EEC-46C5-853F-ED5C776CE83F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{7276EA81-EE13-4BD2-A169-4AE36FC3402E}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A09B8FC-D247-41CA-AA06-1891936D2205}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{8EB88943-43DE-492B-94B6-057CC742245D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8F685452-D4E2-429B-B707-0F825AEA8EF7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{91095EED-1CC5-4FCB-BC5B-3AB017BFA571}" = lport=137 | protocol=17 | dir=in | app=system |
"{9261AC15-BFE7-4C94-80F5-53400B7C4608}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93E38172-A2B1-421A-8501-026CED3D6878}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9546AD8B-2B48-40AC-AF25-CAD72682F3F7}" = rport=137 | protocol=17 | dir=out | app=system |
"{996E24C1-C62D-4E34-B680-5809E4FEB274}" = rport=139 | protocol=6 | dir=out | app=system |
"{BB35D350-9F58-43A2-85C3-E3F105C23612}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BCE65467-AAA4-4BF5-BDD8-7DCD10AAB948}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BE0974FA-1E6F-4467-9E67-80F5AE1C6825}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFC47231-7A8D-44DA-A2A9-06DC47249198}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CFA9223A-A170-4AE4-A160-B097DF93B1B9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001CB2D4-9CE3-44E6-8F71-2644167AF459}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{014CA6FD-6243-4AA1-AE64-66ECCA960B7E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{0260E308-28B7-4704-ABDC-61FAA344BA8D}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{06F7B525-BB49-43E0-921E-E820F35FA756}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{0B7F8CC8-C000-4971-91E3-7F40085085BC}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{0C661D5F-D4BC-4D97-BA17-939904E0B6B2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{15B65404-FEB1-4FB1-BDE9-2FAC3C006FE4}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1200518764\ee\aolsoftware.exe |
"{15F08CE5-4B41-461C-A0AB-CBC936F61341}" = protocol=58 | dir=out | [email protected],-28546 |
"{19BE42DF-4357-4DFC-AC02-2460FE2A3C06}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1F55333F-298D-4A7C-95A2-BBA4AE8C3CF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F8B7BA6-D6FB-4492-82CF-8572BDFF503F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{22B935CA-F12C-4DBA-A07A-AEF6E1AF7841}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3196F17B-CE8E-420A-9592-010031DA14C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{37041720-4B58-4B3A-8ABD-FA3E613448BA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3AC23F75-8989-454B-8C8C-EE691CED0D3C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{40A11FCB-CD30-4010-9785-AEC62B620C23}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{413516A1-276A-4212-A9E6-79B7061B4456}" = protocol=58 | dir=in | [email protected],-28545 |
"{4BA48928-AE38-4FD7-88DA-D46E7A0D11ED}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{4C90023C-151D-442A-AD2E-A89051B4FB7E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{4DA37EF0-C3F6-48D1-814B-CB0CC8769D85}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\aol.exe |
"{5033E463-7DE3-4D63-A9A0-69F4F796C959}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54066253-014C-46AA-81A7-3F30D13AE8D5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5982BE8E-7038-4726-B74B-828668FAB9D0}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{5D0E2E96-7522-4C3C-BEA2-EA2BB507A526}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{6208BF4A-0001-4320-A755-D0BAA2879331}" = protocol=1 | dir=in | [email protected],-28543 |
"{6662909E-BCDD-4B02-9202-9152088657DA}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{6A01FEBA-47F5-47CA-805F-C2C6CB63D7EF}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{6A803F42-0B00-48CE-BFBF-28A67746563B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{6C389A6E-521E-4614-8BB5-1A1472785979}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\aol.exe |
"{6C766B62-F96D-484A-8583-E5879D03760C}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{7786B1CC-4FF9-43CD-9C99-1C1861A1BD2E}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{8183CB5F-F9BB-454C-B04B-8116C494FE19}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{87027BF9-4389-4914-AE6D-5CD15CB3EC43}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{876BBDF7-B6BD-4B15-A9B1-9BB1B8700895}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1200518764\ee\aolsoftware.exe |
"{8E670B63-5A6B-4CCB-9E2A-7B9D6F801C3F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{919BC780-5BBB-4EC9-B2FB-78E500AE529C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9351194E-CC12-4CB3-87BA-0BA472DE5129}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{936908FD-F7A2-4DCA-9F2D-7D321E473DF3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{97F2731B-A0A3-493A-A55F-78BD5008A37F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9C79286E-86D2-4D68-966A-477CA284098C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{9FD10955-CFDB-4855-8430-445BA5DC60AB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{A2626517-22D9-487F-8D99-AAE95F2E9A64}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{A527F0FD-5692-40FC-BC7F-A12DD0CFBEFF}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{AC1CE5B8-3901-4174-BB20-C2A47B10B65E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B4FC0C8D-A41F-42DA-BB5B-E2EA7F953A89}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{B6C12BA8-8AA8-47BC-8B03-E7785CA52395}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{B85DC8D9-B4D2-4495-B6E9-2022E1ECF430}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B927303E-99CA-450B-9B50-0AAC2278642E}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{BDCCA442-1A39-42D3-BC85-C8DEF1538ABC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE10D116-24B0-4948-9916-5F539FA4FB16}" = protocol=6 | dir=out | app=system |
"{C16EB4F8-D627-4B66-AB07-ED2E878A1C6F}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{C28711CC-9707-4CEC-AA67-20D0C273E300}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1200518764\ee\aolsoftware.exe |
"{C36781E0-B348-4FD3-A6D5-62258904FF93}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C750639F-5539-4B05-A9C8-0880784B6962}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{CC87F0C9-6509-4BDA-87C4-668BA6DAFF16}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CE24841B-142D-43D5-A9F6-DACA58437065}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{D378417E-A0BE-48FD-AAE7-DD8CA455E17C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D7811609-C693-4169-85E4-B5F4D08288BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D937CF42-573A-478E-9EAF-2F84E39E21EE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E1EDE59C-D190-4AFD-B88C-CDB815CDACD2}" = protocol=1 | dir=out | [email protected],-28544 |
"{E3E984DF-EC7D-448D-8906-BE43962AB9BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E711F05D-1004-4607-B383-2BB0DA7F07F8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{EAA87DF1-D6C2-4FFE-B7EA-B91CB0CA6A4D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{EC21EF74-BF39-4465-A24F-4D3BD4525472}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{EC705686-0C7A-4B92-84C7-247C43819220}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{ED2035C2-D39A-4243-B2EE-4ED2BEE98200}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{ED43E924-A0DA-4ED4-A54E-BB63D4176380}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{ED7EF7D4-C040-458D-A861-A1CA8F0B4835}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1200518764\ee\aolsoftware.exe |
"{F29FDCB8-B91C-473C-9E19-3A2128B64608}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{F3AEC9EF-45FE-4FE0-9D8A-07B84376AB69}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{F45ABB89-F676-47F1-AA44-808B061FDFB3}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{F4A87CAC-CFB2-4213-BB3F-26C257313286}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{FA912D6E-4E33-46EC-B51B-3E3B8F459E75}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{5690858B-0A76-4DA7-BAE1-BC588FAD7472}C:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe" = protocol=6 | dir=in | app=c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe |
"TCP Query User{667EA162-E872-4EED-B37F-4FA2AF046005}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{6DCCEE70-2BA6-4423-906E-42AB23441A2B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{896F6545-F813-4058-9DFE-E37F4772C6F6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9DD42084-8FB2-46EA-B2B6-88A092E8933F}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{D77A8250-E6F6-48A5-B9D6-BDA0611DC9FF}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{08FAED95-E56A-41F5-8CDC-4AEC83D60C0E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{11C0B9A1-C983-42D8-951D-8B0CA595B72D}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{2E8631C5-D57D-4EA5-9A2E-EF3A1206F10A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4FD25C15-C092-411A-A6B6-5B5510FD977C}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{5EB18FA0-CCF4-45ED-8D3C-63299753ACAE}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{DED05C0E-D6C9-4980-AF10-85834EE56D53}C:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe" = protocol=17 | dir=in | app=c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{0564C76B-8E1F-4157-8654-B0F9F308BEE9}" = HP Deskjet 3050 J610 series Basic Device Software
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 26
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java 7 Update 1
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{34E90074-C80C-4182-A995-65E88B5B56E0}" = HP Deskjet 3050 J610 series Product Improvement Study
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{759142E8-25B0-42AE-B408-4215065D3F4B}" = Windows Live Family Safety
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{A9FE08B0-7804-43FF-8B90-04EEC285FFF6}" = Microsoft Office Live Add-in Patches
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}" = Adobe AIR
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{EF6F70D0-C242-4047-946B-98EA8208481A}" = ArcSoft TotalMedia Backup & Record
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Help
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AMDAway INF" = AMDAway INF
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Ares" = Ares 2.1.0
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Defraggler" = Defraggler
"Dell Support Center" = Dell Support Center
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileHippo.com" = FileHippo.com Update Checker
"HP Photo Creations" = HP Photo Creations
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"KeyScrambler" = KeyScrambler
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"Rapport_msi" = Rapport
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"TurboHddUsb" = TurboHddUsb
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Facebook Plug-In" = Facebook Plug-In
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 24/03/2008 10:03:33 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 05/04/2008 11:02:05 AM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:03 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:04 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:09 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:16 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:20 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 07/01/2010 8:25:47 AM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
[ Dell Events ]
Error - 28/05/2011 8:32:26 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/06/2011 11:37:40 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 10/06/2011 11:37:41 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 17/07/2011 10:59:12 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 17/07/2011 10:59:12 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 15/08/2011 11:19:14 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 15/08/2011 11:19:15 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 20/08/2011 7:49:59 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 20/08/2011 7:49:59 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 27/08/2011 11:56:12 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ OSession Events ]
Error - 01/12/2010 1:08:57 AM | Computer Name = Neha-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 25/11/2011 12:32:58 PM | Computer Name = Neha-PC | Source = DCOM | ID = 10016
Description =
Error - 25/11/2011 12:33:04 PM | Computer Name = Neha-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 25/11/2011 4:28:54 PM | Computer Name = Neha-PC | Source = Print | ID = 6161
Description = The document PDF_516875204_11_2011-11-17_0000000000-1.pdf, owned by
Neha, failed to print on printer HPE71A6D (HP Deskjet 3050 J610 series). Try to
print the document again, or restart the print spooler. Data type: NT EMF 1.008.
Size of the spool file in bytes: 378400. Number of bytes printed: 0. Total number
of pages in the document: 2. Number of pages printed: 0. Client computer: \\NEHA-PC.
Win32 error code returned by the print processor: 0. The operation completed successfully.
Error - 25/11/2011 4:32:46 PM | Computer Name = Neha-PC | Source = Print | ID = 6161
Description = The document Microsoft Word - Document1, owned by Neha, failed to
print on printer HPE71A6D (HP Deskjet 3050 J610 series). Try to print the document
again, or restart the print spooler. Data type: NT EMF 1.008. Size of the spool
file in bytes: 16040. Number of bytes printed: 0. Total number of pages in the
document: 1. Number of pages printed: 0. Client computer: \\NEHA-PC. Win32 error
code returned by the print processor: 0. The operation completed successfully.
Error - 26/11/2011 9:33:27 AM | Computer Name = Neha-PC | Source = DCOM | ID = 10016
Description =
Error - 26/11/2011 9:33:31 AM | Computer Name = Neha-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 27/11/2011 12:11:14 PM | Computer Name = Neha-PC | Source = DCOM | ID = 10016
Description =
Error - 27/11/2011 12:11:31 PM | Computer Name = Neha-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 27/11/2011 1:47:20 PM | Computer Name = Neha-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 27/11/2011 1:47:57 PM | Computer Name = Neha-PC | Source = DCOM | ID = 10016
Description =
< End of report >